The U.S. Department of Homeland Security (DHS) has just weeks left to devise a plan for clearing individuals whose names coincidentally match or resemble those on its Transportation Security Administration’s “no-fly” list.
As of late last year more than 35,000 air travelers had applied to the Transportation Security Administration (TSA) for redress, claiming that their names were placed on the list in error, or that they had been held at an airport because of a coincidental match.
Those held because of confusion over the “no-fly” list include U.S. Sen. Edward M. Kennedy (D-MA), Rep. John Lewis (D-GA), and Catherine Stevens, wife of Sen. Ted Stevens (R-AL). Stevens was chairman of the Senate committee that oversees airline industry regulation; his wife was held before boarding a flight because her name resembled the former stage name of singer Yusuf Islam, popularly known as Cat Stevens.
Such errors prompted Congress to add a provision to the current homeland security appropriations law giving Homeland Security Secretary Michael Chertoff six months to “establish revised procedures” for clearing people with coincidental name matches. That deadline arrives April 4.
The TSA maintains three lists for use by airlines in screening passengers: a “no-fly” list; a “selectee” list of people not prohibited from flying but subject to secondary screening before admission to the terminal; and a “cleared” list of individuals with coincidental matches who have applied for, and received, redress for a wrongful “no fly” listing.
Currently, most redresses are granted after a traveler voluntarily provides the TSA with secondary personal information such as a date of birth or Social Security number for verification, according to a recent report by the U.S. Government Accountability Office (GAO).
Randolph Hite, director for IT architecture and systems issues at the GAO, says that use of secondary data, up to and including biometrics, could solve the problem of coincidental name matches on watch lists. But he emphasizes that he doesn’t favor any one approach.
Others question the effectiveness of lists, regardless of the method used to determine a match. Tim Sparapani, legislative counsel with the American Civil Liberties Union, says that use of name-based lists presumes that would-be terrorists will try to board planes using their legal names, similar names, or aliases known to authorities.
“We need to stop thinking about name-based lists and focus on physical security—what people are bringing on the planes…. As frustrating as it is, it’s a whole lot better for security than to have the name Osama bin Laden on a list,” Sparapani says.
Currently, responsibility for checking travelers against government lists falls to individual airlines, as was the case under the abandoned Computer Assisted Passenger Prescreening systems, or CAPPS I and II. CAPPS I, fully implemented during the 1990s, ran basic personal information against government data, then assigned each traveler a risk score. A score above a certain number resulted in a traveler being “flagged.”
CAPPS I flagged nine of the 9-11 hijackers at check-in, but they were subjected only to screening of their carry-on bags.
Douglas R. Laird Sr., CPP, who conceptualized CAPPS I while head of security at Northwest Airlines during the early 1990s, noted the program’s technical effectiveness that day, but echoed Sparapani’s concerns about no-fly lists.
“Any terrorist with any savvy at all will simply use a name that is not on the watch list. A true terrorist, with connections to a supporting government, or with a lot of money, will also have a valid passport issued with the alias he is using,” says Laird, who now heads his own consulting firm, Laird & Associates, Inc.
Increasingly, experts advocate the use of behavioral analysis to spot would-be terrorists. But those efforts have drawn criticism that the method relies heavily on racial profiling.
The CAPPS programs’ planned successor, dubbed Secure Flight, called for passenger prescreening to be conducted exclusively within TSA, but the plan has stalled due to concerns over system security, privacy, and other issues. DHS still seeks to move the process in-house.
“We think that having the program fully in TSA will help remedy the redress problem,” says TSA spokeswoman Amy Kudwa.